Atlassian Bitbucket Server and Data Center Vulnerability
Exploit or POC: Yes (Actively Being Exploited)
Description: CVE-2022-36804 allows for arbitrary code execution by transmitting malicious HTTP requests. To successfully exploit this vulnerability read permissions to a private or public Bitbucket repository is required.
Mitigation recommendation: Patching is currently the only method of mitigation
RedLegg Action: None at this time.